3 matches found
CVE-2019-25260
OXID eShop versions 6.x prior to 6.3.4 contains a SQL injection vulnerability in the 'sorting' parameter that allows attackers to insert malicious database content. Attackers can exploit the vulnerability by manipulating the sorting parameter to inject PHP code into the database and execute...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.4, which stems from fs/ksmbd/smb2pdu.c not properly checking the UserName value, and can be...
CVE-2017-18084
The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the description of a macro...